The Microsoft Sysinternal Autoruns tool can be used to learn about everything that starts when Windows boot up. The tools can be found at the following URL: https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns. We have explained some of them in Chapter 1, Malware persistence mechanisms:
Autoruns tool
The tool displays a lot of stuff. It includes the entries related to run entries, scheduled tasks, and services that can spawn malware when Windows start. This tool can also be used for troubleshooting and forensics purposes, to identify unwanted software that can start without the knowledge of the user.